Access your Pro+ Content below.

New Types of Computer Crime: Combating malware, botnets, phishing

As thrill seekers fade away, organizations must contend with skilled attackers wielding sophisticated, stealthy tools in their drive to steal data for financial gain. Browser malware that executes fraudulent financial transactions. Botnets so powerful they can knock websites offline for days. Drive-by infections that install keyloggers on the PCs of website visitors. Stealthy malware adept at self-preservation. As organizations erect barriers to protect their data, attackers are unleashing new new types of computer crime and advanced ways of finding and exploiting weaknesses. The threat landscape is one of professional, highly skilled online criminals who create, buy or trade advanced tools that allow them to steal confidential company data, disrupt business operations or snatch logon credentials and other personal information. The teen-aged script kiddies who focused on compromising systems for fame and game are receding into the distant past. Today's profit-minded attackers are more likely to carry a briefcase than a ...

The days of thrill-seeking script kiddies are over. Organized criminals are launching new types of computer crime, including browser malware, targeted email attacks and voice-based phishing, and using botnets to launch DDoS attacks.

In this product review, learn how FaceTime Internet Security Edition protects the enterprise from unauthorized use of applications such as instant messaging and VoIP. A hardened Linux rack-mounted appliance combined with a Windows-based server , the product catches malware, spyware and adware.

Theft of intellectual property is a growing problem but many companies are not prepared to deal with this security threat. Learn about the risk involved with trade secrets, why companies are failing to protect intellectual property and tips for data protection, including risk assessment, encryption, and corporate governance.

Product review of Bit9's Parity 3.5, a PC security tool designed to give enterprises control over what users can do on company computers and prevent executables in malware from running on desktops. Automatically installs SQL Server 2005 and Apache Web Server, which is used for remote administration.

Contractors can become the source of a security breach. This feature looks at the risk management steps, including access control and policies, that organizations should take when hiring contractors. A sidebar examines how a health care company uses NAC to control contractor access.

Columns
in this issue

Hacker Robert Hansen, also known as RSnake, demonstrates the pains cybercriminals take to target specific organizations and individuals through an exercise posted on his blog, which targeted the head of Google's spam team. Hansen's exercise underscores the threat companies face from today's organized and patient cybercriminals.

Computer crime laws and security policies aren't enough to combat increasingly sophisticated cybercrime. Understanding the criminal mind and a hacker's motive can help an organization determine what assets are most valuable and better distribute security resources.

PayPal's 133 million online customers are the biggest ocean for phishers to plunder. CISO Michael Barrett wants to make it safe to be in the water, and he's not going at it alone. Backed by PayPal's sophisticated fraud models and help from ISPs, Barrett is succeeding in protecting the most-spoofed brand on the Internet.